WUZHI CMS 4.1.0 has SQL Injection via an api/sms_check.php?param= URI.
The ReadDIBImage function in coders/dib.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory leak) via a crafted file.
An issue was discovered in Softing uaGate SI 1.60.01. A system default path for executables is user writable.
bit2spr 1992-06-07 has a stack-based buffer overflow (129-byte write) in conv_bitmap in bit2spr.c via a long line in a bitmap file.